Manufacturing operations tend to run smoothly until they don’t. And when they don’t, it is critical for manufacturing leaders to be as prepared as possible when a crisis occurs. A risk to your operations can occur at any time, so it’s imperative to plan far in advance and work with your leadership team to assess your company’s key vulnerabilities.
During its recent monthly virtual meeting, FSO Institute’s Manufacturing Health Roundtable shared some of its thoughts on the most significant features when beginning business continuity planning (BCP), especially for small to midsize consumer packaged goods (CPG) companies. The conversation was facilitated by FSO Institute coaches Dan Sileo and James Couch, resulting in the following most significant aspects of a robust BCP program.
Mitigating supply chain issues
FSO Institute: Dan, what effect do supply chain issues have on BCP? Are there any good examples and solutions that you’ve recently encountered?
Sileo: Many scenarios could impact your supply chain, such as extreme weather, fire, labor strikes, working with single-source suppliers, and warehouse management or transportation issues.
Imagine the risk for a CPG manufacturer that must deliver a product with an ultra-cold -40°F supply chain. If its unique fleet was unable to safely and promptly distribute outbound work in progress (WIP) or finished product, a business disaster could occur.
For a successful BCP, consider your warehouse management systems (WMS) and lot traceability workaround and their impact on shippers. An effective manual workaround can continue to satisfy customer needs while primarily maintaining lot traceability and, secondarily, first-in first-out (FIFO) production. Work must be performed in the background, such as a daily file download, so the staff will have the information they need if the WMS goes down.
Strong BCP programs are in place at most large CPG companies, but a BCP can be even more critical for smaller organizations without the resources to withstand unexpected crises.
The recent COVID-19 outbreak negatively impacted many CPGs, underscoring the need for supplier diversification and solid contingency plans. During the outbreak, small companies without a BCP went out of business.
But severe viral outbreaks are not the only unexpected problem that may arise. Weather can play a definite roll in a CPG’s success or failure. For example, when a rare, huge snowstorm struck Atlanta a decade ago, it shut down the entire city, except for the companies that were prepared to act. Savvy manufacturers had plans to get their employees to work while other companies closed for more than a week.
Not only do you have to consider all the above-mentioned risks at your company’s facilities, but what would happen if those same scenarios occurred at your suppliers’ sites. Consequently, it is important to keep track of their BCP programs as well. And, if you have single-source suppliers, whether they are external or internal, you must have a backup plan.
People keep operations running
FSO Institute: In your examples above, people seem to play a critical role in solving BCP challenges. Can you expand on that a bit more?
Sileo: Unexpected staffing issues can plague all types of manufacturing companies. They can include internal emergencies or union actions, for example. The goal here is keeping the facility operational by including everyone from plant leaders to plant floor workers and getting sister facilities and/or co-manufacturers to help, should an emergency occur.
Sometimes, a facility could face life or death situations. For example, an internal emergency could involve the death of, or serious injury to, a staff member, the possibility of a poisonous chemical release, or a production stoppage of critical products that sustain life.
In some cases, the facility may require a prolonged shutdown. So, in today’s challenging labor environment, part of your BCP should be how to retain employees during a shutdown.
Detailed communication plans for all the above staffing challenges, at both the plant and corporate level, are essential.
Smaller firms should network with and learn from larger companies and develop a template for their own BCPs. Prioritization of emergency actions to take is critical, particularly for smaller firms with limited resources. A smart way to prioritize actions is to perform a strengths, weaknesses, opportunities, and threats (SWOT) analysis.
After the SWOT analysis, it’s time to build an action plan and ensure it is completed. Smaller companies should pick only their top three to five challenges, so they do not get overwhelmed. The following year, these companies should do the exercise again, and either dive deeper into fixing issues from the previous year or take on new top priorities. This allows the plan to evolve and expand over time.
The importance of equipment assets
FSO Institute: James, while people play an important role in managing the challenges of BCP, equipment and other machinery assets are critical too. Can you elaborate on the role of equipment assets?
Couch: It is vital to conduct a risk assessment that prioritizes your facility’s most critical machinery assets, key components, lead times, and customer requirements. You also need to focus on your maintenance strategy programs and how your entire facility supports all operations. This includes reliability-centered maintenance (RCM), preventive maintenance optimization (PMO), predictive maintenance (PdM), or run-to-failure (RTF) protocols.
In this part of your BCP, you should develop an engaged, multidisciplinary team consisting of the plant manager, engineering, maintenance, operations, environmental health and safety (EHS), and other departments. But don’t forget to include operators—they are your first line of defense. In addition, your equipment assets should be designed for reliability and involve input from engineering as well as the operators.
Software platforms are readily available to help you conduct an equipment risk assessment, so it is not necessary to purchase custom solutions. Consider Internet of Things (IoT) platforms or edge devices to gather data. You can also see if your vendors will store critical parts on your behalf or think about partnering with vendors to develop win-win solutions that will result in speed of responsiveness.
One machinery parts solution you may have not yet considered is 3D metal printers. Currently, the U.S. Navy is using them to produce parts on its fleets at sea.
The right training supports regulatory compliance
FSO Institute: Where there’s manufacturing, there’s regulatory compliance to be considered. How do regulatory issues affect BCP?
Couch: Don’t overlook regulatory issues in your BCP. From EHS and Occupational Safety and Health Administration (OSHA) regulations to the Food Safety Modernization Act (FSMA), proper training can mitigate many of the regulatory issues impacting your facility by creating buy-in, ownership, and advocacy (BOA) among the plant workforce to create both a people- and product-safe environment.
EHS and OSHA focus on both policy and action plans. FSMA is also focused on policy and then action, particularly the control of cleaning, allergens, and pathogens. In food safety matters, a recall process must be followed, and facilities must investigate and resolve problems.
Cybersecurity must be a priority
FSO Institute: Increasingly, cybersecurity has become a front and center issue facing manufacturing of all types. What are your top-of-mind thoughts on cybersecurity?
Sileo and Couch: A cyberattack can shut down production and often involves a company being asked for a ransom for its operations to continue. In fact, the plant floor is as much a target as the business side of your organization. Small companies can be devastated by an attack.
Therefore, every CPG needs a clear communication plan, should a cyberattack occur. All staff should have clear roles and full knowledge of their responsibilities in this emergency. The problem is not just IT’s responsibility; operational technology (OT) must also be engaged.
Many times, a company might not immediately know it is under attack. For example, IT awareness may be seen in 30 days, but it might take months for OT to become aware. In fact, the elements of a cyberattack can lay dormant in your system, gathering intelligence for an extended period, before a later assault.
Considering all the risks mentioned in this article, CPG leaders should take the time to focus on their businesses by prioritizing risk management and developing a strong BCP.